<?php
session_start();
include("../db_connect.php");
include("../class/objName.php");

if (
isset($_POST['types'])||
isset($_POST['price'])||
isset($_POST['quantity'])||
isset($_POST['brand'])||
isset($_POST['model'])||
isset($_POST['name'])||
isset($_POST['description'])||
isset($_POST['part'])||
isset($_POST['color'])||
isset($_POST['modeofpayment'])||
isset($_POST['year'])
){


$categories = "Acccessories";
$types  = mysql_real_escape_string(htmlentities(trim($_POST['types'])));
$brand  = mysql_real_escape_string(htmlentities(trim($_POST['brand'])));
$brand =  get_product_name($brand);
$model  = mysql_real_escape_string(htmlentities(trim($_POST['model'])));
$name  = mysql_real_escape_string(htmlentities(trim($_POST['name'])));
$description  = mysql_real_escape_string(htmlentities(trim($_POST['description'])));
$part  = mysql_real_escape_string(htmlentities(trim($_POST['part'])));
$year  = mysql_real_escape_string(htmlentities(trim($_POST['year'])));
$price  = mysql_real_escape_string(htmlentities(trim($_POST['price'])));
$color  = mysql_real_escape_string(htmlentities(trim($_POST['color'])));
$modeofpayment = mysql_real_escape_string(htmlentities(trim($_POST['modeofpayment']))); 
$quantity = mysql_real_escape_string(htmlentities(trim($_POST['quantity'])));
$conditions = "BrandNew";
$timepost = date("M-j-Y / h:i:s A"); 
$filename = "";
$id = $_SESSION['id'];
$obj = new objName();
$fname = array();
$fullname = $obj->get_profile_name($id);
$fname	= explode(" ", $fullname);
$display = 1;



$max = count($_FILES['image']);
if(is_array($_FILES['image'])){
	$img = "";
	
	while(list($key,$value) = each($_FILES['image']['name']) ){
		if(!empty($value)){
			$filename = $value;
			$path = "../images/vehicles/$filename";
			copy($_FILES['image']['tmp_name'][$key], $path);
			$img .= $value . "+"; 
		}
		

	}
	
}
else{
	echo "tae";
}
$sql = "INSERT INTO tblswaping(
`name`, 
`categories`, 
`description`,
`cparts`,
`conditions`, 
`brand`, 
`model`, 
`price`,
`filename`,
`quantity`,
`year`,
`types`,
`addoff`,
`fname`,
`lname`,
`timepost`,
`color`,
`modeofpayment`,
`display`
)
VALUES
(
'".$name."',
'".$categories."',
'".$description."',
'".$part."',
'".$conditions."',
'".$brand."',
'".$model."',
'".$price."',
'".$img."',
'".$quantity."',
'".$year."',
'".$types."',
'".$id."',
'".$fname[0]."',
'".$fname[1]."',
'".$timepost."',
'".$color."',
'".$modeofpayment."',
'".$display."'

)";
//echo $sql . "\n";
mysql_query($sql)or die(mysql_error());

if (mysql_affected_rows()){		
		
		header("location:../admin.php");
	}
	else{		
		echo $sql;
		
	}

}
else{
echo "tae";

}

function get_product_name($brand){
		$result=mysql_query("select brand from tblbrand where id=$brand") or die("select name from tblmodel where id=$brand"."<br/><br/>".mysql_error());
		$row=mysql_fetch_array($result);
		return $row['brand'];
}

?>